CVE-2022-23274: Microsoft Dynamics GP Remote Code Execution Vulnerability

How could an attacker exploit this vulnerability?

An authenticated user could send a specially crafted SQL request to a Dynamics GP Web Service and perform remote code execution.